package com.indexingsystem.boss.filter;

import java.util.HashMap;
import java.util.Map;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.shiro.web.filter.AccessControlFilter;

import com.indexingsystem.boss.common.Constants;
import com.indexingsystem.boss.common.ResultCode;
import com.indexingsystem.boss.entity.Pusers;
import com.indexingsystem.boss.logback.LogCvt;
import com.indexingsystem.boss.token.manager.TokenManager;

/**
 * 判断登录.
 * 
 * @author Administrator
 *
 */
public class LoginFilter extends AccessControlFilter {
	final static Class<LoginFilter> CLASS = LoginFilter.class;

	@Override
	protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)
			throws Exception {

		Pusers token = TokenManager.getToken();
		if (null != token || isLoginRequest(request, response)) {// &&
																	// isEnabled()
			return Boolean.TRUE;
		}
		if (ShiroFilterUtils.isAjax(request)) {// ajax请求
			Map<String, String> result = new HashMap<String, String>();
			// Map<String, String> resultMap = new HashMap<String, String>();
			LogCvt.info("当前用户没有登录，并且是Ajax请求！");

			result.put(Constants.RESULT_CODE, ResultCode.failed.getCode());
			result.put(Constants.RESULT_MESSAGE, Constants.CURR_USER_NOT_LOGIN);
			// resultMap.put("login_status", "300");
			// resultMap.put("message", "");// 当前用户没有登录！
			ShiroFilterUtils.out(response, result);
		}
		return Boolean.FALSE;
	}

	@Override
	protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
		// 保存Request和Response 到登录后的链接
		saveRequestAndRedirectToLogin(request, response);
		return Boolean.FALSE;
	}
}
